Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

segfault / null ptr access on malformed 7z file #513

Closed
kwrobot opened this issue Apr 11, 2015 · 1 comment

Comments

Projects
None yet
1 participant
@kwrobot
Copy link

commented Apr 11, 2015

Original issue 405 created by Google Code user hanno@hboeck.de on 2015-02-07T22:31:40.000Z:

bsdtar will segfault due to a null pointer access in the attached malformed 7z file. Found with american fuzzy lop.

libarchive/archive_read_support_format_7zip.c:2054:7: runtime error: member access within null pointer of type 'struct _7z_folder'
ASAN:SIGSEGV
=================================================================
==14504==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000038 (pc 0x000000b7a538 sp 0x7fff8137ce50 bp 0x000000000007 T0)
    #0 0xb7a537 in read_CodersInfo libarchive/archive_read_support_format_7zip.c:2054
    #1 0xb7a537 in read_StreamsInfo libarchive/archive_read_support_format_7zip.c:2288
    #2 0xb94a2c in read_Header libarchive/archive_read_support_format_7zip.c:2377
    #3 0xb94a2c in slurp_central_directory libarchive/archive_read_support_format_7zip.c:2907
    #4 0xb94a2c in archive_read_format_7zip_read_header libarchive/archive_read_support_format_7zip.c:637
    #5 0x4b5ffb in _archive_read_next_header2 libarchive/archive_read.c:645
    #6 0x4b5ffb in _archive_read_next_header libarchive/archive_read.c:685
    #7 0x42a422 in read_archive tar/read.c:252
    #8 0x42d5f2 in tar_mode_x tar/read.c:104
    #9 0x41469c in main tar/bsdtar.c:805
    #10 0x7f1d78f07f9f in __libc_start_main (/lib64/libc.so.6+0x1ff9f)
    #11 0x41a160 (/mnt/ram/libarchive/bsdtar+0x41a160)

See attachment: bsdtar-null-ptr.7z
See attachment: bsdtar-null-ptr.7z.asan.txt

@kwrobot

This comment has been minimized.

Copy link
Author

commented Apr 11, 2015

Comment #1 originally posted by kientzle on 2015-02-08T21:44:18.000Z:

This seems to be fixed in git commit d094dc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.